These checks are only guarding against programming errors that could silently grant too many permissions. These cases are better handled with WARN_ON(), since it doesn't really help much to crash the machine in this case. Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx> --- security/selinux/avc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 3a27418b20d7..84f108f4100a 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -1059,7 +1059,7 @@ int avc_has_extended_perms(struct selinux_state *state, int rc = 0, rc2; xp_node = &local_xp_node; - BUG_ON(!requested); + WARN_ON(!requested); rcu_read_lock(); @@ -1149,7 +1149,7 @@ inline int avc_has_perm_noaudit(struct selinux_state *state, int rc = 0; u32 denied; - BUG_ON(!requested); + WARN_ON(!requested); rcu_read_lock(); -- 2.20.1
